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METHOD AND SYSTEM FOR SCALING 
NETWORK TRAFFIC MANAGERS 

This application isj]continuation-in-part of U.S. patent 
application Ser. No. 10/1 19,433 now U.S. Pat. No. 7,102,996, 
filed Apr. 9, 2002, which claims the benefit of priority under 
35 U.S.C § 1 1 9(e) from U.S. Provisional Application Ser. No. 
60/293,466, filed May 24, 2001, entitled "Method and Sys- 
tem for Distributing Traffic to Multiple Load Balancers," the 
benefit of each is further claimed herein. 

FIELD OF THE INVENTION 

The present invention relates to computer network traffic, 
and in particular to distributing network traffic associated 
with traffic management devices. 

BACKGROUND 

The Internet's core bandwidth continues to double every 
year. Some of this additional bandwidth is consumed as more 
and more users access the Internet. Other additional band- 
width is consumed as existing users increase their use of the 
Internet. This increase of Internet use translates into an 
increase in traffic directed to and from World Wide Web 
(WWW) servers and other Internet servers. 

Replacing a WWW server with a WWW server of twice the 
capacity is a costly undertaking. Adding additional WWW 
servers is less costly but generally requires a load-balancing 
mechanism to balance workload so that each virtual server 
performs work proportional to its capacity and the number of 
servers available to the traffic management device that is 
performing the load balancing. 

This requirement for more sophisticated traffic manage- 
ment requires more processing. With a sufficient rate of 
requests, eventually a traffic management device may not be 
able to process traffic in a timely manner. Therefore, it is with 
respect to these considerations and others that the present 
invention has been made. 

BRIEF DESCRIPTION OF THE DRAWINGS 

Non-limiting and non-exhaustive embodiments of the 
present invention are described with reference to the follow- 
ing drawings. In the drawings, like reference numerals refer 
to like parts throughout the various figures unless otherwise 
specified. 

For a better understanding of the present invention, refer- 
ence will be made to the following Detailed Description of the 
Invention, which is to be read in association with the accom- 
panying drawings, wherein: 

FIGS. 1-2 show components of an exemplary environment 
in which the invention may be practiced; 

FIG. 3 illustrates an exemplary environment in which a 
system for distributing traffic to an array of traffic manage- 
ment devices operates; 

FIG. 4 shows another exemplary environment in which a 
system for distributing traffic to an array of traffic manage- 
ment devices operates; 

FIG. 5 shows yet another exemplary environment in which 
a system for routing traffic through an array of traffic man- 
agement devices operates; 

FIG. 6 shows one embodiment of a statistical traffic dis- 
tributor (STD); 

FIG. 7 shows another embodiment of a statistical traffic 
distributor (STD); 
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FIG. 8 illustrates a flow chart for a process for determining 
how to forward packets; and 

FIG. 9 shows a flow chart for managing target port number 
selection, in accordance with the present invention. 

DETAILED DESCRIPTION OF THE PREFERRED 
EMBODIMENT 

The present invention now will be described more fully 
to hereinafter with reference to tlie accompanying drawings, 
which form a part hereof, and which show, by way of illus- 
tration, specific exemplary embodiments by which the inven- 
tion may be practiced. This invention may, however, be 
embodied in many different forms and should not be con- 
is strued as limited to the embodiments set forth herein; rather, 
these embodiments are provided so that this disclosure will be 
thorough and complete, and will fully convey the scope of the 
invention to those skilled in the art. Among other things, the 
present invention may be embodied as methods or devices. 
20 Accordingly, the present invention may take the form of an 
entirely hardware embodiment, an entirely software embodi- 
ment or an embodiment combining software and hardware 
aspects. The following detailed description is, therefore, not 
to be taken in a limiting sense. 
25 Throughout the specification, the meaning of "a," "an," and 
"the" include plural references. The meaning of "in" includes 
"in" and "on." 

Briefly stated, the present invention is directed to a system 
and method for routing a flow of packets to one or more traffic 

30 management devices. The invention enables a client-side flow 
of packets and a server-side flow of packets in the flow of 
packets between a client and server to be directed to a same 
traffic management device. One or more distributors may be 
employed to route the flow of packets. As the packets are 

35 received, a distributor extracts information, such as source 
and destination IP addresses, and source and destination port 
numbers from the packet. If the source port number equals the 
destination port number, the distributor forwards thepacketto 
a pre-determined traffic management device. If the source 

40 port number is greater than the destination port number, the 
distributor performs a hash on the source IP address and the 
source port number. If the source port number is not greater 
than the destination port number, the distributor performs the 
hash on the destination IP address and the destination port 

4 5 number. For both cases, the hash results are employed to 
select a destination traffic management device to forward the 
packet. Because, the destination traffic management device 
may perform a network address translation on the packet 
contents, the present invention may perform additional 

50 actions directed at maintaining the same relationship between 
the source and destination port numbers, such that a reply 
packet to the forwarded packet is handled by the same traffic 
management device. 

55 Illustrative Operating Environment 

FIGS. 1-2 show components of an exemplary environment 
in which the invention may be practiced. Not all of the com- 
ponents may be required to practice the invention, and varia- 
tions in the arrangement and type of the components may be 

6o made without departing from the spirit or scope of the inven- 

FIG. 1 shows one embodiment of wide area network/local 
area network (WAN/LAN) 100, in accordance with the 
present invention. WAN/LAN 100 includes a plurality of 
65 local area networks ("LANs") 120 a _ d and wide area network 
("WAN") 130 interconnected by routers 110. Routers 110 are 
intermediary devices on a communications network that 
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expedite message delivery. On a single network linking many device mentioned above that is equipped to use a wired and/or 

computers through a mesh of possible connections, a router wireless communication medium. 

receives transmitted messages and forwards them to their FIG. 2 shows an exemplary network device 200 that may 
correct destinations over available routes. On an intercon- , e as an mtermed iate network device in accordance with 
netted set of LANs-including those based on differing 5 the present invention . It will be a pp recia ,ed that not all com- 
arctoecturesandprotocols-^routeractsasalink between ts ofnetwork device 200 m iI]ustrated , and that net- 
LANs, enabling messages to be sent from one to another. . , . „„ A . . , r t t , 
„ . t . ,. , . t « . j * -wt . „ • . , * * j work device 200 may include more or fewer components than 
Communication links within LANs typically include twisted , , . \ . , . ... ^ „ 
pair, fiber optics, or coaxial cable, while communication links mose s , hown m 2^Network device 200 may operate, for 
between networks may utilize analog telephone lines, full or to ^P 16 ' f a router > bndge, firewall, gateway, traffic man- 
fractional dedicated digital lines including Tl, T2, T3, and a g emen < dev,ce ^ referred t0 as a traffic ™™g er l dis- 
T4, Integrated Services Digital Networks (ISDNs), Digital tributor, load balancer, server array controller, or proxy 
Subscriber Lines (DSLs), wireless links, or other communi- servel "- ^ communications may take place over the network 

cations links known to those skilled in the art. 13°. the Internet, a WAN, LAN, or some other communica- 

~~ " network known to those skilled in the art. 



Furthermore, computers, such as remote computer 140, 
and other related electronic devices can be remotely con- 
nected to either LANs 120 a _ rf or WAN 130 via a modem and 
temporary telephone link. The number of WANs, LANs, and 
routers in FIG. 1 may be increased or decreased arbitrarily 
without departing from the spirit or scope of this ' 



As illustrated in FIG. 2, network device 200 includes a 
central processing unit (CPU) 202, mass memory, and a net- 
work interface unit 212 connected via a bus 204. Network 
interface unit 212 includes the necessary circuitry for con- 
20 necting network device 200 to network 130, and is con- 
Assuch,itwillbeappreciatedthatthelnternetitselfmaybe structed for use with various communication protocols 
formed from a vast number of such interconnected networks, including the TCP/IP and UDP/IP protocol. Network inter- 
computers, and routers. Generally, the term "Internet" refers f ace unit 2 1 2 may include or interface with circuitry and 
to the worldwide collection of networks, gateways, routers, components for transmitting messages and data over a wired 
and computers that use the Transmission Control Protocol/ 25 and/or wireless communications medium. Network interface 
Internet Protocol ("TCP/IP") suite of protocols to communi- "nit 212 is sometimes referred to as a transceiver, 
cate with one another. At the heart of the Internet is a back- The mass memory generally includes random access 
bone of high-speed data communication lines between major memory ("RAM") 206, read-only memory ("ROM") 214, 
nodes or host computers, including thousands ofcommercial, and one or more permanent mass storage devices, such as 
government, educational, and other computer systems, that 30 hard disk drive 208. The mass memory stores operating sys- 
route data and messages. An embodiment of the invention tern 216 for controlling the operation of network device 200. 
may be practiced over the Internet without departing from the The operating system 21 6 may comprise an operating system 
spirit or scope of the invention. such as UNIX, LINUX™, or Windows™. 

The media used to transmit information in communication 35 In one embodiment, the mass memory stores program code 
links as described above illustrates one type of computer- and data for implementing a hash function 218, and program 
readable media, namely communication media. Generally, code and data for implementing an allocation table 220, in 
computer-readable media includes any media that can be accordance with the present invention. The mass memory 
accessed by a computing device. Computer-readable media may also store additional program code 224 and data for 
may include computer storage media, communication media, 4Q performing the functions of network device 200. 
or any combination thereof. In one embodiment, the network device 200 includes one 

Communication media typically embodies computer-read- or more Application Specific Integrated Circuit (ASIC) chips 
able instructions, data structures, program modules, or other 226 connected to the bus 204. As shown in FIG. 2, the network 
data in a modulated data signal such as a carrier wave or other interface unit 212 may connect to the bus through an ASIC 
transport mechanism and includes any information delivery 45 chip. The ASIC chip 226 includes logic that performs some of 
media. The term "modulated data signal" means a signal that the functions of network device 200. For example, in one 
has one or more of its characteristics set or changed in such a embodiment, the ASIC chip 226 performs a number of packet 
manner as to encode information in the signal. By way of processing functions, to process incoming packets. In one 
example, communication media includes wired media such embodiment, the logic of the hash function 218 is performed 
as twisted pair, coaxial cable, fiber optics, wave guides, and 50 by the ASIC chip 226. In one embodiment, the network 
other wired media and wireless media such as acoustic, RF, device 200 includes one or more field-programmable gate 
infrared, and other wireless media. arrays (FPGA) (not shown), instead of, or in addition to, the 

Remote computer 140 is any device capable of connecting ASIC chip 226. A number of functions of the network device 
with local area networks ("LANs") 120 a _ d and wide area can be performed by the ASIC chip 226, by an FPGA, by the 
network ("WAN") 130. The set of such devices may include 55 CPU 202 with the logic of program code stored in mass 
devices that typically connect using a wired communications memory, or by a combination of the ASIC chip and the CPU. 
medium such as personal computers, multiprocessor sys- Computer storage media may include volatile and nonvola- 

tems, microprocessor-based or programmable consumer tile, removable and non-removable media implemented in 
electronics, network PCs, and the like. The set of such devices any method or technology for storage of information, such as 
may also include devices that typically connect using a wire- 60 computer readable instructions, data structures, program 
less communications medium such as cell phones, smart modules or other data. Examples of computer storage media 
phones, pagers, walkie talkies, radio frequency (RF) devices, include RAM 206, ROM 214, EEPROM, flash memory or 
infrared (IR) devices, CBs, integrated devices combining one other memory technology, CD-ROM, digital versatile disks 
or more of the preceding devices, and the like. Alternatively, (DVD) or other optical storage, magnetic cassettes, magnetic 
remote computer 140 may be any device that is capable of 65 tape,magneticdiskstorageorothermagneticstoragedevices, 
connecting using a wired or wireless communication medium or any other medium that can store the information and that 
such as a PDA, POCKET PC, wearable computer, or other can be accessed by a computing device. 
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Network device 200 may also include an input/output origin servers 440-442. The packet may include information 
interface (not shown) for communicating with external such as a request, response, or configuration command. Gen- 
devices or users. erally, packets received by distributor 415 will be formatted 

Network device 200 can also be implemented as one or according to TCP/IP, but they could also be formatted using 

more "blades" where the term "blade" refers to one of mul- 5 another transport protocol, such as User Datagram Protocol 

tiple electronic circuit boards or cards that are installed in a tUP PI. Internet Control Message Protocol (ICMP), [NETh-| 

hardware chassis with a backplane. An exemplary blade may |euij IPX/SPX, token ring, and the like. Upon receipt of a 

include one or more processors, volatile and non-volatile packet, a transcoder (not shown) associated with distributor 

memory, interfaces suitable for communicating information 415 makes a determination as to where the packet should go. 
to and from the blade, and other components for enabling the 10 The transcoder may be logic circuitry or software executing 

operation of one or more applications. A blade may also on an electronic device, such as a processor, within distributor 

include a specialized interface for the backplane and other 415, or it may execute or reside elsewhere, 

interfaces, such as a USB port, F1REWIRE port, serial port, In one embodiment, the transcoder includes traffic distri- 

RF interface, IR interface, Ethernet interface, IDE controller, bution engine 224 shown in FIG. 2. The transcoder may 
and the like. An application running on a blade may employ is access a database, a table, or other information to determine 

any of these interfaces to communicate information to other an action to perform upon receipt of a packet, or it may be 

applications running on other blades and/or devices coupled "hard-wired" to perform a certain action depending pre-de- 

to the blade server. Network device 200 can also be imple- fined conditions. In some senses, the transcoder may be 

mented as a combination of blades and additional compo- viewed as the "brains" of distributor 415 or as logic, which 
nents in the chassis. 20 drives the operation of distributor 415. In future references to 

• -7- ^- ■. o distributors, the word transcoder may or may not be used. 

Illustative Traffic D.stnbuting Systems Furthermore, a distributor may be referred to as making deci- 

? ^Y 23 m e ^ m P lar y environment m which a sions or determinationS! but it should be understood in such 

system for distnbuting traffic through an array of traffic man- references that a transcoder associated with the distributor is 

agement devices operates, accordmg to one embodiment of 2S making ±e decisions or determinations and causing the dis- 

the invention. The system includes client 410, distributors t0 take action appropriate iv 

415-416, traffic management devices 420-422, and origin A user on client 410 may request, for example, a Web page 

servers 440-442. associated with a URL, such as http://www.uspto.gov. If this 

Client 410 is coupled to distributor 415 over WAN/LAN is a Web page ^ is serviced by orjgin servers 440.442, 

100. Distributor 415 is coupled to distributor 416 through 30 distributor 415 forwards the request to one of traffic manage- 

traffic management devices 420-422. Distributor 415 also has ment devices 420 .422. A user on client 410 may request 

a more direct connection to distributor 416. Distributor 416 is communication specifically with one of the traffic managers, 

coupled to ongm servers 440-442. m this case, distributor 415 forwards the request to the speci- 

Client 41 0 is any device capable of connecting with WAN/ fied traffic manager . For example, the user may wish to con- 
LAN 100. As such, client 410 is substantially similar to 35 figure me traffic management device, install new software, 
remote computer 140 in FIG. 1. provide maintenance, or some other activity. The user may 

Distributor 415 receives information in the form of pack- w i sn t0 configure distributor 415. In this case, distributor 415 

ets.Eachpacketmayconveyapieceofinformation.Apacket processes the communication itself. Distributor 415 may 

may be sent for handshaking, i.e., to establish a connection or receive a response to a previous request from one of traffic 

to acknowledge receipt of data. A communication includes a 40 management devices 420-422. Distributor 415 may then for- 

group of related packets sent between two devices, such as ward this request to the recipient by sending it to WAN/LAN 

client 410 and server 440. For example, to request a Web lOO.Ausermay send a message directed specifically at one of 

page, client 41 0 may send some packets requesting a connec- or j g in servers 440-442 . In this case, distributor 415 may send 

tion, e.g., handshaking packets, server 440 may respond with the message to distributor 416 for relaying the message to the 

other handshaking packets. Then client 410 may send a 45 specified server. 

packet requesting a particular Web page. Server 440 may when requests for content come to distributor 415, the 
respond by sending data packets associated with the Web distributor may be required to ensure that a request from the 
page. Finally, client 410 may end a communication by send- same source is sent through the same traffic management 
ing some more handshaking packets which server 440 may device. Distributor 415 (and 416) may employ a variety of 
respond to with other handshaking packets. In essence, a 50 techniques to ensure that the request is from the same source 
communication may be thought to include all packets needed j s sent through the same traffic management device. For 
or necessary for a transaction to occur. A communication or example, distributor 415 (and 416) may employ such tech- 
part of a communication may also be referred to as a flow or mques as are described in U.S. patent application Ser. No. 
as a flow of packets. 10/119,433, filed Apr. 9, 2002, entitled "Method and System 
As described above, a flow may include a bi-directional 55 for Scaling Network Traffic Managers," which is hereby 
flow of packets. Bi-directional packet flows include packets incorporated by reference. 

sent from a client, such as client 410, that are destined for a Distributor 415 may extract information from the request 

server, such as origin server 440, and those packets sent from to select the traffic management device. By dynamically 

the server to the client. A flow of packets may also include employing the extracted information for each request, dis- 

related packet flows, such as a control packet flow and a data 60 tributor 415 need not maintain state informatio n about the 

packet flow that may arise during a File Transfer Protocol connections between origin servers 440-442 an d|requesters| 

(FTP) session, or the like. A flow of packets might further such as client 410. Distributor 415 may select the traffic 

include IP fragments that may arise either at the original management device and forward requests by performing 

sender of the packets, or at any intermediate device along a actions described below in conjunction with FIG. 8. 

communication path. 65 Sometimes, when distributor 415 receives a packet, it acts 

A packet may come from various senders including client like a router or switch, forwarding the packet toward the 

410, traffic management devices 420-422, distributor 416, or intended recipient. For example, distributor 415 may receive 
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a request to connect with server 440. Distributor 415 may 
forward this request to distributor 416 for forwarding to 
server 440. Distributor 415 may receive a packet from dis- 
tributor 41 6 or from traffic management devices 420-422 that 
is directed at a client, such as client 41 0. In this case, distribu- 
tor 415 forwards the packet to WAN/LAN 100 (or a router 
thereon) . Alternatively, if client 41 0 is a device distributor 415 
is more closely connected to, distributor 415 may send the 
message directly to client 410. 

Distributor 415 may use a different algorithm for forward- 
ing messages directed towards traffic management devices 
420-422 than for messages from traffic management devices 
420-422. For example, when messages are directed at traffic 
management devices 420-422, distributor 415 may perform a 
hash on either a source or destination IP address and port 
number to determine to which traffic management device the 
message is to be sent. When distributor 415 receives a mes- 
sage from a traffic management device, however, it may 
forego applying a hash. 



ment device the reply is sent. This may result in a different 
traffic management device being selected to handle the reply 
than was selected to handle an initial client request. There- 
fore, traffic management devices 420-422 may need to per- 

5 form actions such as those described below in conjunction 
with FIG. 9 to ensure that the same traffic management device 
handles packets in the same flow of packets. 

Traffic management devices, such as traffic management 
devices 420-422, are any devices that manage network traffic. 

10 Such devices include, for example, routers, proxies, firewalls, 
load balancers, devices that perform network address trans- 
lation, any combination of the preceding devices, and the like. 
A traffic manager may, for example, control the flow of data 
packets delivered to and forwarded from an array of applica- 

is tion servers, such as Web servers. A traffic manager may 
direct a request for a resource to a particular Web server based 
on network traffic, network topology, capacity of the server, 
content requested, and a host of other load balancing metrics. 
A traffic manager may receive data packets from and transmit 



A hash is a function or algorithm that maps a set of input 20 data packets to the Internet, an intranet, or a local area net- 



values to a set of output values. Typically, a hash is used when 
the set of input values has more elements than the set of output 
values. Some hashes when applied to a set of input values will 
map the input values approximately equally over the set of 
output values. Other hashes will map the input values dispro- 2 
portionately to a set of output values. For example, one traffic 
management device may be able to deal with twice as many 
packets as another traffic management device. A hash could 
be constructed to map input packets to the one traffic rr 



agement devicf 



as often as mapping packets to theother 30 one o 



work accessible through another network. A traffic manager 
may recognize packets that are part of the same communica- 
tion, flow, and/or stream and may perform special processing 
on such packets, such as directing them to the same server so 
that state information is maintained. A traffic manager may 
support a wide variety of network applications such as Web 
browsing, email, telephony, streaming multimedia, and other 
traffic that is sent in packets. 

A traffic management device may be implemented using 



traffic management device. Generally, a hash is deterministic. 
That is, the hash will produce the same output value whenever 
a particular input value is hashed on. 

Traffic management devices 420-422 receive messages 
sent from distributors 415 and 41 6. In some operations, traffic 
management devices 420-422 act like level 7 switches. That 
is, they may look at content associated with higher TCP/IP 
layers of th e message , e.g. a request for a page such as http:// 
www.uspto }gov/and| information that identifies the user, such 
as a cookie, etc. Ihey may store information in memory so 
that next time the requestor requests more information from 
http://www.uspto.gov/, each request is sent to the 



e personal computers, POCKET PCs, wearable 



computers, multiprocessor systems, microprocessor-based or 
programmable consumer electronics, network PCs, cell 
phones, smart phones, pagers, walkie talkies, radio frequency 
(RF) devices, infrared (IR) devices, CBs, integrated devices 
35 combining one or more of the preceding devices, and the like. 
Such devices may be implemented solely in hardware or in 
hardware and software. For example, such devices may 
include some application specific integrated circuits (ASICs) 
coupled to one or more microprocessors. The ASICs may be 
40 used to provide a high-speed switch fabric while the micro- 
processors may perform higher layer processing of packets. 
An exemplary device that could be used as a traffic m 



server. They may do this, in part, to ensure that the user is ment device is server computer 200 of FIG. 2, configured with 
connected to the server that the user previously connected to. appropriate software. A traffic management device may have 
This helps prevent the loss of transaction data, such as items 45 multiple network interface units and each network interface 
in a shopping cart. unit may interface with one or more networks. It should be 

In addition, traffic management devices 420-422 may per- understood that traffic manager as it is used in this document 
form network address translation (NAT). That is, in a TCP/IP means traffic management device. 

packet, they may change the source and/or destination field. Distributor 416 receives communications and forwards 
This may be done for many reasons. One reason is that each 50 them to one or more of origin servers 440-442, to distributor 
traffic management device is configured to cause future com- 415, or to traffic management devices 420-422. When for- 
o and from a server to flow through the traffic warding messages to traffic management devices 420-422, 
distributor 416 may hash on the IP address and port number of 
either the destination or source, depending on which is 
greater, so that the same traffic management device that sent 
a packet to a server receives the server's response. Distributor 
416 may perform actions describedbelow in conjunction with 
FIG. 8 to select the traffic management device. Distributor 
416 may act as a switch or router in relaying messages to 
intended recipients. Although distributor 416 is shown as 
having one shared communications link (segment) going 
between it and origin servers 440-442, it may have dedicated 
communications links to each of origin servers 440-442. 

Origin servers 440-442 may include one or more WWW 
servers, such as network device 200 of FIG. 2, or other gen- 
eral-purpose servers. Origin servers 440-442 may serve con- 
tent for more than one vendor. For example, a group of ven- 



management device, so that the traffic management device 
may maintain state information about the connection. The 
traffic management device may need state information to 5 
gracefully close a connection if, for example, the server fails. 
In addition, the traffic management device may need state 
information to reroute a connection to another server if the 
server fails. Another reason the traffic management device 
may be configured to have all future communications flow 6 
through it is for security purposes. 

When traffic management devices 420-422 perform a net- 
work address translation, a relationship between the source 
and destination field may change. For example, a source port 
number that was originally less than a destination port num- 6 
ber, may now be greater. Such a change in the relationship 
between the port numbers may affect which traffic manage- 



US 7,395,349 Bl 



17 



18 



key and employing the hash key to select the first traffic 
manager, wherein a response packet to the received 
packet is forwarded to the first traffic manager; and 
(iii) if the received packet is a packet of a second type, 
forwarding the received packet to a second traffic man- 5 
ager that is selected based in part on a second field in the 
received packet, wherein the response packet is for- 
warded to the second traffic manager and wherein the 
second field in the received packet is hashed to obtain 
another hash key that is used to select the second traffic to 
manager. 

16. The method of claim 15, wherein receiving the packet 
further comprises determining the packet type of the received 
packet based in part on comparing source information with 
destination information in the received packet. 15 

17. The method of claim 15, wherein a packet of the first 
type further comprises a packet that includes a source port 
number that is greater than a destination port number. 

18 . The method of claim 15, wherein a packet of the second 
type further comprises a packet that includes a destination 20 
port number that is greater than a source port number. 

19. The method of claim 15, wherein the first field in the 
received packet further comprises a source IP address and the 
source port number, and the second field in the received 
packet further comprises a destination IP address and the 25 
destination port number. 

20. The method of claim 15, further comprising, if the first 
field in the received packet equals the second field in the 
received packet, forwarding the received packet to a pre- 
determined traffic manager. 30 

21. The method of claim 15, further comprising, if source 
information in the received packet is to be translated, replac- 
ing a source port number in the received packet with another 
source port number, wherein the other source port number is 
greater than a destination port number associated with the 35 
received packet. 

22. The method of claim 21, wherein the other source port 
number is selected from a pre-computed self-source port 
table. 

23 . A system for routing a packet over a network, compris- 40 
ing: 

(a) a plurality of servers; 

(b) a plurality of traffic managers arranged to direct the 
packet to at least one of the plurality of servers; and 

(c) a distributor, coupled to the plurality of traffic manag- 45 
ers, that is arranged to perform actions, including: 



(i) if the received packet is a first packet type, forwarding 
the received packet to a first traffic manager in the 
plurality of traffic managers that is selected using in 
part a first field in the received packet by hashing the 
first field to obtain a hash key used to select the first 
traffic manager, wherein a response packet to the 
received packet is forwarded to the first traffic man- 
ager; and 

(ii) if the received packet is a second packet type, for- 
warding the received packet to a second traffic man- 
ager in the plurality of traffic managers that is selected 
using inpart a second field in the received packet by in 
part hashing the second field to obtain another hash 
key used to select the second traffic manager, wherein 
the response packet is forwarded to the second traffic 

24. The system of claim 23, wherein the first packet type 
includes a source port number in the received packet that is 
greater than a destination port number in the received packet, 
and a second packet type includes a destination port number 
in the received packet that is greater than a source port number 
in the received packet. 

25. The system of claim 23, wherein using in part the first 
field further comprises using a source IP address and a source 
port number in the received packet. 

26. The system of claim 24, wherein using |the p art the 
second field further comprises using a destination IP address 
and a destination port number in the received packet. 

27 . The system of claim 23, wherein in part hashing the first 
field further comprises: 

hashing a source IP address and a source port number inthe 

received packet to obtain the hash key; and 
employing the hash key to select the first traffic manager to 
which the received packet is forwarded. 

28. The system of claim 27, wherein hashing the source IP 
address includes employing a hash function that is configured 
to load balance the plurality of traffic managers. 

29. The system of claim 23, wherein the distributor is 
arranged to perform actions, further comprising, if the 
received packet is associated with a pre-determined group 
characteristic, selecting the traffic manager and the other 
traffic manager from a plurality of traffic managers that are 
partitioned into groups of traffic managers based in part on the 
pre-determined group characteristic. 



